The "Status" variable is set to EFI_ACCESS_DENIED at the top of the
function. Then it is overwritten with EFI_SECURITY_VIOLATION under the
"Failed" (earlier: "Done") label. We finally return "Status".
The above covers the complete usage of "Status" in
DxeImageVerificationHandler(). Remove the variable, and simply return
EFI_SECURITY_VIOLATION in the end.
This patch is a no-op, regarding behavior.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <
20200116190705.18816-9-lersek@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
[lersek@redhat.com: push with Mike's R-b due to Chinese New Year
Holiday: <https://edk2.groups.io/g/devel/message/53429>; msgid
<
d3fbb76dabed4e1987c512c328c82810@intel.com>]
IN BOOLEAN BootPolicy\r
)\r
{\r
- EFI_STATUS Status;\r
EFI_IMAGE_DOS_HEADER *DosHdr;\r
BOOLEAN IsVerified;\r
EFI_SIGNATURE_LIST *SignatureList;\r
SecDataDir = NULL;\r
PkcsCertData = NULL;\r
Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED;\r
- Status = EFI_ACCESS_DENIED;\r
IsVerified = FALSE;\r
\r
\r
DEBUG ((DEBUG_INFO, "The image doesn't pass verification: %s\n", NameStr));\r
FreePool(NameStr);\r
}\r
- Status = EFI_SECURITY_VIOLATION;\r
\r
if (SignatureList != NULL) {\r
FreePool (SignatureList);\r
}\r
\r
- return Status;\r
+ return EFI_SECURITY_VIOLATION;\r
}\r
\r
/**\r